EP1381190A1 - Method for accessing a virtual private network resource based on uniform resource identifiers - Google Patents
Method for accessing a virtual private network resource based on uniform resource identifiers Download PDFInfo
- Publication number
- EP1381190A1 EP1381190A1 EP02360207A EP02360207A EP1381190A1 EP 1381190 A1 EP1381190 A1 EP 1381190A1 EP 02360207 A EP02360207 A EP 02360207A EP 02360207 A EP02360207 A EP 02360207A EP 1381190 A1 EP1381190 A1 EP 1381190A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- vpn
- uri
- resource
- access
- accessing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/30—Managing network names, e.g. use of aliases or nicknames
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/35—Network arrangements, protocols or services for addressing or naming involving non-standard use of addresses for implementing network functionalities, e.g. coding subscription information within the address or functional addressing, i.e. assigning an address to a function
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
- H04L69/322—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
- H04L69/329—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
Definitions
- the present invention relates to providing access to resources in a virtual private network by an extended notion of a uniform resource locator. More particularly, the present invention relates to a method, an adapter, a client terminal, an encoding application server, a network access server, a uniform resource identifier, a transfer protocol, a markup language, a user interface, and computer software products for accessing a virtual private network (VPN) resource based on a uniform resource identifier (URI).
- VPN virtual private network
- URI uniform resource identifier
- Banner advertisement is the internal billboard placed on the Information Superhighway. Banners usually appear at the top of web pages. Banner advertising is one of the most well known and visible forms of advertising on the Internet today. They increase the visibility of the product or service is advertised, same like a magazine or TV advertisement. When a banner advertisement is clicked on, and the user is taken through to the advertiser web site this is termed a click-through.
- the banner advertisement contains a short text or graphical message to attract the viewer to click on it and be swiftly transported to that particular web site.
- VPN virtual private network
- Carriers have been building VPNs that appear to be private national or international networks to their customers when they are, in fact, sharing backbone trunks with other customers.
- VPNs feature the security of a private network via access control and encryption, while taking advantage of the economies of scale and built-in management facilities of large public networks.
- IP Internet Protocol
- a secure VPN is a communications network that is secured by encryption and authentication, and layered on existing IP networks such as the Internet, or through a service provider's network.
- IP Security IP Security
- IPSec IP Security
- Basic IP-VPN security services include private network tunneling through the IP backbone and data encryption.
- IP-VPN operators also offer authentication proxying, centrally managed firewall functions, undesirable URL blocking, etc. Access to such a VPN is typically provided by dedicated network access servers.
- VPNs can be built over ATM, frame relay and X.25 technologies.
- a current trend for carriers is to deploy Internet VPNs, IP-VPNs.
- a portal To enter a network a portal, is needed. Such a portal offers a broad array of resources and services.
- the first access portals were online services, such as AOL, that provided access to the Internet.
- An example of an access portal is the Alcatel 5742 Personalized Service Selector (PSS), an software product that enables Digital Subscriber Line (DSL) access service providers to deliver value-added IP services to end users.
- PSS is targeted to DSL access/service providers, who own an IP gateway.
- Such a personalized and captive access portal facilitates the selection of and access to different services, e.g. VPNs or providers.
- Those services include Internet access via an Internet Service Provider (ISP), log on to corporate network, video on demand, interactive gaming, software on demand, etc.
- ISP Internet Service Provider
- PSS facilitates the selection of and the access to IP Virtual Private Networks, e.g. corporate network, ISP, etc.
- URL an abbreviation of Uniform Resource Locator
- URL stands for a standardized way of specifying addresses of web pages, files, newsgroups, and even email users, e.g. http://www.alcatel.de.
- Uniform Resource Identifier is the generic set of all names/addresses that are short strings that refer to resources within one network.
- Uniform Resource Locator is an informal term (no longer used in technical specifications) associated with popular URI schemes, e.g. http:, ftp:, mailto:, etc. In this context an other term appears, Uniform Resource Name. That is either a URI that has an institutional commitment to persistence, availability, etc. or a particular scheme, e.g. urn:, specified by RFC2141 and related documents, intended to serve as persistent, location-independent, resource identifiers.
- the central idea is to combine network/VPN specific information, down to layer 2 of OSI with the standard uniform resource identifier concept, as well as integrating the network access procedure.
- URI Uniform Resource Identifier
- VPN virtual private network
- URI uniform resource identifier
- the URI might identify a virtual private network syntactically by an authority access part or a query part.
- the method is realized by Client Terminal , or alternatively, an Adapter , an encoding (web)Application Server , or a Network Access Server , where the devices for accessing network resources using an URI having VPN information for accessing a VPN resource comprising
- URI Uniform Resource Identifier
- transfer protocols e.g. http and markup languages, e.g. HTML, SGML, XML, etc.
- markup languages e.g. HTML, SGML, XML, etc.
- a transfer protocol for encoding, decoding, transmitting, and receiving data is necessary, comprising uniform resource identifiers comprising a part for identifying a virtual private network where a resource is located, a part for identifying the access to said virtual private network, and a part for identifying said resource.
- This transfer protocol according might be Hyper Text Transfer Protocol (http).
- URls having VPN information will also be used in markup languages for structuring a document's character data into logical components that can then be named and referred.
- the markup language comprising uniform resource identifiers comprising a part for identifying a virtual private network where a resource is located, a part for identifying the access to said virtual private network, and a part for identifying said resource.
- the preferred markup languages are Hyper Text Markup Language (HTML) , Extensible Hyper Text Markup Language (XHTML) , and Extensible Markup Language Specification (XML) .
- a User Interface for accessing a VPN resource using an URI having VPN information comprising means for specifying said URI, e.g. hyper links, text fields, etc. and means for interactively guiding through a network access procedure, e.g. authentication, authorization, etc.
- the User Interface optionally comprising depicting means for showing the accessed VPNs and access paths as well as accessible VPNs and optional access paths with their characteristics, e.g. quality of service, cost. security level, etc.).
- Yet another embodiment of the invention is a C omputer Software Product for accessing a VPN resource using an URI having VPN information with components for extracting VPN information out of the URI, and establishing access to a VPN corresponding to the VPN information. And by a computer software product comprising components for requesting and/or receiving the by the URI identified resource.
- Another advantage of the present invention is that the concept is in line with the already established click through / URL user metaphor. And the concept embeds well in established transport protocols and the markup languages
- yet another advantage of the present invention is that the notation of URls can be used to associate VPNs with (web) services, e.g. in web sites.
- DSL Digital Subscriber Lines
- a Customer Premises Equipment refers to equipment that resides at the end-users location (home or office), e.g. DSL modems, DSL gateways, etc.
- a Digital Subscriber Line Access Multiplexer (DSLAM) is an equipment located in the central office that provides DSL services.
- a Personalized Service Selector (PSS) enables a DSL access/service provider to deliver DSL services.
- a Broadband Network Access Server (BNAS) is a server that enables an independent service provider (ISP) to provide connected customers with Internet access.
- a Service Management Center is carrier class management platform that enables network service providers (NSPs) to establish a port wholesaling service.
- An authentication, authorization and accounting Server is a system to control what computer resources users have access to and to keep track of the activity of users over a network.
- Hyper Text Transfer Protocol is the protocol by which web clients (browsers) and web servers communicate. It is stateless, meaning that it does not maintain a conversation between a given client and server, but it can be manipulated using scripting to appear as if state is being maintained. Do not confuse HTML (Markup language for our browser-based front ends), with HTTP (protocol used by clients and servers to send and receive messages over the Web). Graphical User Interface is what an end-user sees and interacts with when operating (interacting with) a software application. Sometimes referred to as the "front-end" of an application. HTML is the GUI standard for web-based applications. Link - A link is a relationship between two resources.
- HTML links usually connect HTML documents together in this fashion (called a hyperlink), but links can link to any type of resource (documents, pictures, sound and video files, etc.) capable of residing at a Web address (URI).
- URI Web address
- a Markup is comprised of several "special characters” that are used to structure a document's character data into logical components that can then be labeled (named) so that they can be manipulated more easily by a software application.
- a Markup Language is used to structure a document's character data into logical components, and "name” them in a manner that is useful.
- labels provide either formatting information about how the character data should be visually presented (for a word processor or a web browser, for instance) or they can provide "semantic" (meaningful) information about what kind of data the component represents.
- Markup languages provide a simple format for exchanging text-based character data that can be understood by both humans and machines.
- a resource is anything addressable via a URI. Examples of resources are: documents, files, pictures, sounds, videos and databases.
- Figure. 1 shows a commonly used the access network topology, a terminal client A1, a CPE A2, a DSLAM A3, a BNAS A4, with a PSS A5 and a SMC A6, NSP equipment A7, and multiple networks A8.
- the terminal client A1 is connected via the CPE, e.g. an DSL modem with the DSLAM A3 multiplexing multiple subscriber lines for the BNAS A4 and the PSS A5.
- the PSS enables an end-user access control over the BNAS A4, instructing the BNAS A4 using dedicated NSP equipment A7, e.g. an AAA server, etc., for accessing the networks A8.
- the DSLAM A3 and the BNAS A4 together build an IP gateway.
- the accessed networks A7 might be public like the Internet or private like a corporate network.
- the PSS A5 is managed by the SMC A6.
- FIG. 2 shows two windows of a PSS client B1 on the terminal client A1.
- the first PSS client window contains a service selection option B2 and a login panel B3 of "MY ISP".
- the second PSS client window contains a login panel B4 for a VPN.
- the PSS client user interface enables an end-user to choose a provider and/or an network, e.g. a virtual private network or the Internet. At the same time it provides a user interface for authentication B3, B4.
- FIG. 3 shows a navigator window of a Netscape browser C1.
- the window contains a text area C3 for search terms, key words, or web addresses. It contains the virtual private network uniform resource identifier (VPN-URI) httn://secret.service/?vnnid--skvnet identifying the private network "skynet", and within that network the site "secret.service/”.
- VPN-URI virtual private network uniform resource identifier
- httn://secret.service/?vnnid--skvnet identifying the private network "skynet", and within that network the site "secret.service/”.
- a pop-up window C2 is shown, asking for a user authentication to allow access.
- FIG. 4 shows a schematic drawing of the terminal client A1 and the browser C1.
- the terminal client A1 is connected via an adapter D1 containing a VPN-URI processor D2.
- the browser provides a VPN-URI to the VPN-URI processor D2.
- the VPN-URI processor is in charge to establish the corresponding VPN connection, if not already established, and to request an authentication, if required.
- the browser receives and transmits as usual resources identified e.g. by uniform resource identifiers.
- For non VPN-URIs the browser C1.
- the adapter D1 provides therefore the networking interface.
- the adapter D2 in this figure do not necessarily coincide with the CPE hardware A2 mentioned in Figure 1.
- the adapter D2 might be for instance an operating system component or a VPN-URI decoder component for the CPE hardware A2.
- FIG. 5 shows a schematic drawing of the terminal client A1' and the browser C1.
- the terminal client A1' comprises a web application server E1 that contains the VPN-URI processor D2.
- the VPN-URI processor D2 as well as the browser C1 is connected with an adapter D1'.
- the local web application server E1 decodes the VPN-URI received from the browser C1, and the VPN-URI processor D2 instructs the adapter D1' to establish the corresponding connection.
- the browser C1 can access directly VPN resources by using the adapter, or the web application server is enabled to serve requested VPN resources to the browser (client) C1 via the adapter D1' using the established connection.
- the mechanism encodes VPN information in uniform resource locators (uniform resource identifiers) similar to the advertisement click-through mechanism mentioned above.
- the technique according to the invention enhances the advertisement click-trough by enabling a network change and connection establishment.
- URI Uniform Resource identifier
- a hyper text reference carrying a VPN-URI in a HTML coded portal page the end-user is immediately transparently connected to the associated VPN.
- VPN resources might require an authentication, authorization, and accounting procedure, e.g. implemented by VPN logon procedure to set-up a new connection, where after the requested service is provided in that VPN.
- an authentication, authorization, and accounting procedure e.g. implemented by VPN logon procedure to set-up a new connection, where after the requested service is provided in that VPN.
- the service/resource is provided immediately by that VPN.
- a (software) component will process the VPN information included in the link. This component will interact with the VPN network access server to reach to the corresponding VPN. When the connection to VPN is established the actual resource request could be retrieved.
- This software component can be deployed on a client terminal itself or a server, e.g. DSL modem.
- the browser will first access the localhost, where localhost is an identifier for the local running web server.
- the localhost will trigger the click-through software component.
- the connection to VPN has been established, the actual resource request can be executed.
- FIG. 6 shows a schematic drawing of a terminal client A1" comprising the browser C1, and it shows network access equipment, e.g. a personalizes service selector A5 or a broadband network access server A4, in general a network access server (NAS) comprising a VPN-URI processor D2.
- network access equipment e.g. a personalizes service selector A5 or a broadband network access server A4, in general a network access server (NAS) comprising a VPN-URI processor D2.
- NAS network access server
- the VPN-URI processing might be implemented as a network access server functionality.
- URI uniform resource identifier
- Uniformity it allows different types of resource identifiers to be used in the same context, even when the mechanisms used to access those resources may differ; it allows uniform semantic interpretation of common syntactic conventions across different types of resource identifiers; it allows introduction of new types of resource identifiers without interfering with the way that existing identifiers are used; and, it allows the identifiers to be reused in many different contexts, thus permitting new applications or protocols to leverage a pre-existing, large, and widely-used set of resource identifiers.
- the resource is the conceptual mapping to an entity or set of entities, not necessarily the entity which corresponds to that mapping at any particular instance in time.
- Identifier is an object that can act as a reference to something that has identity.
- the object is a sequence of characters with a restricted syntax. Having identified a resource, a system may perform a variety of operations on the resource, as might be characterized by such words as 'access', 'update', 'replace', or 'find attributes'.
- the syntax notation and common element use two conventions to describe and define the syntax of URIs.
- the first, called the layout form, is a general description of the order of components and component separators, as in ⁇ first>/ ⁇ second>; ⁇ third>? ⁇ fourth>
- the second convention is a BNF-like grammar is used to define the formal URI syntax, see http://www. ietf.org/rfc/rfc822.txt (Backus-Naur notation (more commonly known as BNF or Backus-Naur Form) is a formal mathematical way to describe a language, which was developed by John Backus (and possibly Peter Naur as well) to describe the syntax of the Algol 60 programming language. A formal definition could be found in any introductory book about formal languages or compilers.)
- This generic URI syntax consists of a sequence of four main components: ⁇ scheme>:// ⁇ authority> ⁇ path>? ⁇ query>
- URI that are hierarchical in nature use the slash "/" character for separating hierarchical components.
- the authority component is typically defined by an Internet-based server or a scheme-specific registry of naming authorities.
- authority server
- the authority component is preceded by a double slash “//” and is terminated by the next slash “/”, question-mark "?”, or by the end of the URI.
- the characters ";”, “:”, “@”, "?”, and "/" are reserved.
- URI schemes that involve the direct use of an IP-based protocol to a specified server on the Internet use a common syntax for the server component of the URI's scheme-specific data: ⁇ userinfo>@ ⁇ host>: ⁇ port> where ⁇ userinfo> may consist of a user name and, optionally, scheme-specific information about how to gain authorization to access the server.
- the parts " ⁇ userinfo>@” and ": ⁇ port>” may be omitted.
- server [ [ userinfo "@” ] hostport ]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention relates to combine virtual private network specific information, down to layer 2
of OSI with the standard uniform resource identifier concept, as well as integrating and
enhancing the network access procedure. It relates to a method for accessing a virtual
private network (VPN) resource based on VPN information contained in a uniform resource
identifier (URI) comprising the steps of extracting said VPN information out of the URI,
establishing access to a VPN corresponding to said VPN information, if not already
established, and requesting the by the URI identified resource. Further it relates to an
adapter, a client terminal, an encoding application server, a network access server, a uniform
resource identifier, corresponding markup languages and transfer protocols, a user interface,
and computer software products for accessing virtual private network resources based on
URIs.
Description
The present invention relates to providing access to resources in a virtual private network by
an extended notion of a uniform resource locator. More particularly, the present invention
relates to a method, an adapter, a client terminal, an encoding application server, a
network access server, a uniform resource identifier, a transfer protocol, a markup
language, a user interface, and computer software products for accessing a virtual
private network (VPN) resource based on a uniform resource identifier (URI).
Banner advertisement is the internal billboard placed on the Information Superhighway.
Banners usually appear at the top of web pages. Banner advertising is one of the most well
known and visible forms of advertising on the Internet today. They increase the visibility of
the product or service is advertised, same like a magazine or TV advertisement.
When a banner advertisement is clicked on, and the user is taken through to the advertiser web site this is termed a click-through. The banner advertisement contains a short text or graphical message to attract the viewer to click on it and be swiftly transported to that particular web site.
Example of an advertisement click-through might be
http://advertisment.com/clickthrouah?url=http://product.com/article/?id=1234
When a banner advertisement is clicked on, and the user is taken through to the advertiser web site this is termed a click-through. The banner advertisement contains a short text or graphical message to attract the viewer to click on it and be swiftly transported to that particular web site.
Example of an advertisement click-through might be
http://advertisment.com/clickthrouah?url=http://product.com/article/?id=1234
When the user clicks on this URL, he/she will first access the advertisement web site, e.g. for
marketing and statistical purposes, that will transparently forward him/her to the product web-site,
showing the product information of the article with id=1234.
In a nutshell, a virtual private network (VPN) is a private network that is configured within a
public network. Carriers have been building VPNs that appear to be private national or
international networks to their customers when they are, in fact, sharing backbone trunks
with other customers. VPNs feature the security of a private network via access control and
encryption, while taking advantage of the economies of scale and built-in management
facilities of large public networks.
The explosive growth of the Internet and the increase in telecommuting, corporate branch offices, and a mobile work force is revolutionizing business-to-business communications. The need to share information with employees, partners and customers worldwide is driving many organizations to deploy VPN technology over public Internet Protocol (IP) networks such as the Internet.
The ability to guarantee the privacy and protection of data is of the utmost importance when deploying services over the Internet where points of illegal entry can threaten sensitive communications. A secure VPN is a communications network that is secured by encryption and authentication, and layered on existing IP networks such as the Internet, or through a service provider's network. To combat security issues, the Internet Engineering Task Force (IETF) has developed the IP Security (IPSec) protocol suite. This set of IP extensions, which are based on modern cryptographic technologies, offer strong data authentication and privacy guarantees by securing the network, rather than just the applications. Basic IP-VPN security services include private network tunneling through the IP backbone and data encryption. IP-VPN operators also offer authentication proxying, centrally managed firewall functions, undesirable URL blocking, etc. Access to such a VPN is typically provided by dedicated network access servers. VPNs can be built over ATM, frame relay and X.25 technologies. A current trend for carriers is to deploy Internet VPNs, IP-VPNs.
The explosive growth of the Internet and the increase in telecommuting, corporate branch offices, and a mobile work force is revolutionizing business-to-business communications. The need to share information with employees, partners and customers worldwide is driving many organizations to deploy VPN technology over public Internet Protocol (IP) networks such as the Internet.
The ability to guarantee the privacy and protection of data is of the utmost importance when deploying services over the Internet where points of illegal entry can threaten sensitive communications. A secure VPN is a communications network that is secured by encryption and authentication, and layered on existing IP networks such as the Internet, or through a service provider's network. To combat security issues, the Internet Engineering Task Force (IETF) has developed the IP Security (IPSec) protocol suite. This set of IP extensions, which are based on modern cryptographic technologies, offer strong data authentication and privacy guarantees by securing the network, rather than just the applications. Basic IP-VPN security services include private network tunneling through the IP backbone and data encryption. IP-VPN operators also offer authentication proxying, centrally managed firewall functions, undesirable URL blocking, etc. Access to such a VPN is typically provided by dedicated network access servers. VPNs can be built over ATM, frame relay and X.25 technologies. A current trend for carriers is to deploy Internet VPNs, IP-VPNs.
To enter a network a portal, is needed. Such a portal offers a broad array of resources and
services. The first access portals were online services, such as AOL, that provided access to
the Internet.
An example of an access portal is the Alcatel 5742 Personalized Service Selector (PSS), an
software product that enables Digital Subscriber Line (DSL) access service providers to
deliver value-added IP services to end users. The PSS is targeted to DSL access/service
providers, who own an IP gateway.
Such a personalized and captive access portal facilitates the selection of and access to
different services, e.g. VPNs or providers. Those services include Internet access via an
Internet Service Provider (ISP), log on to corporate network, video on demand, interactive
gaming, software on demand, etc. Especially the PSS facilitates the selection of and the
access to IP Virtual Private Networks, e.g. corporate network, ISP, etc.
Addressing resources in networks, is well known since the Internet and browsers became
public. The term URL, an abbreviation of Uniform Resource Locator, stands for a
standardized way of specifying addresses of web pages, files, newsgroups, and even email
users, e.g. http://www.alcatel.de.
Technically, the correct term is URI, for Uniform Resource Identifier. The World Wide Web
Consortium provides an overview of materials related to addressing, accessible via the URI
http://www.w3.org/Addressing/
The Internet Engineering Task Force provides standardization and drafts respectively at
http://www.ietf.org/
A Uniform Resource Identifier is the generic set of all names/addresses that are short strings that refer to resources within one network. Uniform Resource Locator is an informal term (no longer used in technical specifications) associated with popular URI schemes, e.g. http:, ftp:, mailto:, etc. In this context an other term appears, Uniform Resource Name. That is either a URI that has an institutional commitment to persistence, availability, etc. or a particular scheme, e.g. urn:, specified by RFC2141 and related documents, intended to serve as persistent, location-independent, resource identifiers.
http://www.w3.org/Addressing/
The Internet Engineering Task Force provides standardization and drafts respectively at
http://www.ietf.org/
A Uniform Resource Identifier is the generic set of all names/addresses that are short strings that refer to resources within one network. Uniform Resource Locator is an informal term (no longer used in technical specifications) associated with popular URI schemes, e.g. http:, ftp:, mailto:, etc. In this context an other term appears, Uniform Resource Name. That is either a URI that has an institutional commitment to persistence, availability, etc. or a particular scheme, e.g. urn:, specified by RFC2141 and related documents, intended to serve as persistent, location-independent, resource identifiers.
However, services like advertisements, www services, intranet services, applications, etc.
offered in access portals like the Alcatel 5742 PSS, are often located in different IP VPNs.
The state of the art resource identification provide no identification mechanism to access a
resource from outside an IP VPN. The end-user first has to connect to the right VPN, before
able to access the services.
From a user's perspective it would be nice to access a VPN via entering e.g. a URI in a
browser, or following a hyper link using an already existing connection or forcing a
connection establishment. This access feature is called in the following click-trough access,
according to the above described advertising technique.
The central idea is to combine network/VPN specific information, down to layer 2 of OSI with
the standard uniform resource identifier concept, as well as integrating the network access
procedure.
This is archived by the invented Uniform Resource Identifier (URI) comprising a part for
identifying a virtual private network where a resource is located, a part for the access to said
virtual private network, and a part for identifying said resource; As well as the invented
Method for accessing a virtual private network (VPN) resource characterized in using a
uniform resource identifier (URI) having VPN information comprising the steps of
- extracting said VPN information out of the URI
- establishing access to a VPN corresponding to said VPN information, if not already established, and
- requesting the resource identified by the URI.
It is part of the invention that the URI might identify a virtual private network syntactically by
an authority access part or a query part.
It is a further part of the invention that the method is realized by Client Terminal, or
alternatively, an Adapter, an encoding (web)Application Server, or a Network Access
Server, where the devices for accessing network resources using an URI having VPN
information for accessing a VPN resource comprising
- an interpreter or decoder for extracting a VPN information out of a URI
- a connector for establishing access to a VPN corresponding to said VPN information, and
- a requestor for requesting the resource identified by the URI.
To be able to communicate the URI is used in transfer protocols, e.g. http and markup
languages, e.g. HTML, SGML, XML, etc. Hence there are further embodiments of the
invention concerning Transfer Protocol and Markup Language extensions.
A transfer protocol for encoding, decoding, transmitting, and receiving data is necessary,
comprising uniform resource identifiers comprising a part for identifying a virtual private
network where a resource is located, a part for identifying the access to said virtual private
network, and a part for identifying said resource. This transfer protocol according might be
Hyper Text Transfer Protocol (http).
URls having VPN information will also be used in markup languages for structuring a
document's character data into logical components that can then be named and referred.
Hence the markup language comprising uniform resource identifiers comprising a part for
identifying a virtual private network where a resource is located, a part for identifying the
access to said virtual private network, and a part for identifying said resource. The preferred
markup languages are Hyper Text Markup Language (HTML), Extensible Hyper Text
Markup Language (XHTML), and Extensible Markup Language Specification (XML).
It is another embodiment of the invention to enhance a User Interface making the extended
URls accessible and usable to a end-user.
It is another part of the invention that a User Interface for accessing a VPN resource using
an URI having VPN information comprising means for specifying said URI, e.g. hyper links,
text fields, etc. and means for interactively guiding through a network access procedure, e.g.
authentication, authorization, etc.
It is yet another part of the invention that the User Interface optionally comprising depicting means for showing the accessed VPNs and access paths as well as accessible VPNs and optional access paths with their characteristics, e.g. quality of service, cost. security level, etc.).
It is yet another part of the invention that the User Interface optionally comprising depicting means for showing the accessed VPNs and access paths as well as accessible VPNs and optional access paths with their characteristics, e.g. quality of service, cost. security level, etc.).
The method is implemented by a corresponding hardware or software. Yet another
embodiment of the invention is a Computer Software Product for accessing a VPN
resource using an URI having VPN information with components for extracting VPN
information out of the URI, and establishing access to a VPN corresponding to the VPN
information. And by a computer software product comprising components for requesting
and/or receiving the by the URI identified resource.
Accordingly, it is an object and advantage of the present invention to provide a simple, fast,
and user-friendly click-through access to services located in different VPNs. This will
decrease the threshold of consuming services.
Another advantage of the present invention is that the concept is in line with the already
established click through / URL user metaphor. And the concept embeds well in established
transport protocols and the markup languages
Hence, yet another advantage of the present invention is that the notation of URls can be
used to associate VPNs with (web) services, e.g. in web sites.
These and many other objects and advantages of the present invention will become
apparent to those of ordinary skill in the art from a consideration of the drawings and ensuing
description.
Those of ordinary skill in the art will realize that the following description of the present
invention is illustrative only and is not intended to be in any way limiting. Other embodiments
of the invention will readily suggest themselves to such skilled persons from an examination
of the within disclosure.
Digital Subscriber Lines (DSL) carry data at high speeds over standard copper telephone
wires.
A Customer Premises Equipment (CPE) refers to equipment that resides at the end-users location (home or office), e.g. DSL modems, DSL gateways, etc.
A Digital Subscriber Line Access Multiplexer (DSLAM) is an equipment located in the central office that provides DSL services.
A Personalized Service Selector (PSS) enables a DSL access/service provider to deliver DSL services.
A Broadband Network Access Server (BNAS) is a server that enables an independent service provider (ISP) to provide connected customers with Internet access.
A Service Management Center (SMC) is carrier class management platform that enables network service providers (NSPs) to establish a port wholesaling service.
A Customer Premises Equipment (CPE) refers to equipment that resides at the end-users location (home or office), e.g. DSL modems, DSL gateways, etc.
A Digital Subscriber Line Access Multiplexer (DSLAM) is an equipment located in the central office that provides DSL services.
A Personalized Service Selector (PSS) enables a DSL access/service provider to deliver DSL services.
A Broadband Network Access Server (BNAS) is a server that enables an independent service provider (ISP) to provide connected customers with Internet access.
A Service Management Center (SMC) is carrier class management platform that enables network service providers (NSPs) to establish a port wholesaling service.
An authentication, authorization and accounting Server (AAA Server) is a system to control
what computer resources users have access to and to keep track of the activity of users over
a network.
Hyper Text Transfer Protocol (HTTP) is the protocol by which web clients (browsers) and
web servers communicate. It is stateless, meaning that it does not maintain a conversation
between a given client and server, but it can be manipulated using scripting to appear as if
state is being maintained. Do not confuse HTML (Markup language for our browser-based
front ends), with HTTP (protocol used by clients and servers to send and receive messages
over the Web).
Graphical User Interface is what an end-user sees and interacts with when operating (interacting with) a software application. Sometimes referred to as the "front-end" of an application. HTML is the GUI standard for web-based applications.
Link - A link is a relationship between two resources. HTML links usually connect HTML documents together in this fashion (called a hyperlink), but links can link to any type of resource (documents, pictures, sound and video files, etc.) capable of residing at a Web address (URI).
A Markup is comprised of several "special characters" that are used to structure a document's character data into logical components that can then be labeled (named) so that they can be manipulated more easily by a software application.
A Markup Language is used to structure a document's character data into logical components, and "name" them in a manner that is useful. These labels (element names) provide either formatting information about how the character data should be visually presented (for a word processor or a web browser, for instance) or they can provide "semantic" (meaningful) information about what kind of data the component represents. Markup languages provide a simple format for exchanging text-based character data that can be understood by both humans and machines.
A resource is anything addressable via a URI. Examples of resources are: documents, files, pictures, sounds, videos and databases.
Graphical User Interface is what an end-user sees and interacts with when operating (interacting with) a software application. Sometimes referred to as the "front-end" of an application. HTML is the GUI standard for web-based applications.
Link - A link is a relationship between two resources. HTML links usually connect HTML documents together in this fashion (called a hyperlink), but links can link to any type of resource (documents, pictures, sound and video files, etc.) capable of residing at a Web address (URI).
A Markup is comprised of several "special characters" that are used to structure a document's character data into logical components that can then be labeled (named) so that they can be manipulated more easily by a software application.
A Markup Language is used to structure a document's character data into logical components, and "name" them in a manner that is useful. These labels (element names) provide either formatting information about how the character data should be visually presented (for a word processor or a web browser, for instance) or they can provide "semantic" (meaningful) information about what kind of data the component represents. Markup languages provide a simple format for exchanging text-based character data that can be understood by both humans and machines.
A resource is anything addressable via a URI. Examples of resources are: documents, files, pictures, sounds, videos and databases.
Figure. 1 shows a commonly used the access network topology, a terminal client A1, a CPE
A2, a DSLAM A3, a BNAS A4, with a PSS A5 and a SMC A6, NSP equipment A7, and
multiple networks A8.
The terminal client A1 is connected via the CPE, e.g. an DSL modem with the DSLAM A3
multiplexing multiple subscriber lines for the BNAS A4 and the PSS A5. The PSS enables an
end-user access control over the BNAS A4, instructing the BNAS A4 using dedicated NSP
equipment A7, e.g. an AAA server, etc., for accessing the networks A8. The DSLAM A3 and
the BNAS A4 together build an IP gateway. The accessed networks A7 might be public like
the Internet or private like a corporate network. The PSS A5 is managed by the SMC A6.
Figure. 2 shows two windows of a PSS client B1 on the terminal client A1. The first PSS
client window contains a service selection option B2 and a login panel B3 of "MY ISP". The
second PSS client window contains a login panel B4 for a VPN.
The PSS client user interface enables an end-user to choose a provider and/or an network, e.g. a virtual private network or the Internet. At the same time it provides a user interface for authentication B3, B4.
The PSS client user interface enables an end-user to choose a provider and/or an network, e.g. a virtual private network or the Internet. At the same time it provides a user interface for authentication B3, B4.
Figure. 3 shows a navigator window of a Netscape browser C1. The window contains a text
area C3 for search terms, key words, or web addresses. It contains the virtual private
network uniform resource identifier (VPN-URI)
httn://secret.service/?vnnid--skvnet
identifying the private network "skynet", and within that network the site "secret.service/". Furthermore a pop-up window C2 is shown, asking for a user authentication to allow access.
httn://secret.service/?vnnid--skvnet
identifying the private network "skynet", and within that network the site "secret.service/". Furthermore a pop-up window C2 is shown, asking for a user authentication to allow access.
Figure. 4 shows a schematic drawing of the terminal client A1 and the browser C1. The
terminal client A1 is connected via an adapter D1 containing a VPN-URI processor D2.
The browser provides a VPN-URI to the VPN-URI processor D2. The VPN-URI processor is in charge to establish the corresponding VPN connection, if not already established, and to request an authentication, if required. When the VPN connection is established the browser receives and transmits as usual resources identified e.g. by uniform resource identifiers. For non VPN-URIs the browser C1. The adapter D1 provides therefore the networking interface.
The browser provides a VPN-URI to the VPN-URI processor D2. The VPN-URI processor is in charge to establish the corresponding VPN connection, if not already established, and to request an authentication, if required. When the VPN connection is established the browser receives and transmits as usual resources identified e.g. by uniform resource identifiers. For non VPN-URIs the browser C1. The adapter D1 provides therefore the networking interface.
Note that the adapter D2 in this figure do not necessarily coincide with the CPE hardware A2
mentioned in Figure 1. The adapter D2 might be for instance an operating system
component or a VPN-URI decoder component for the CPE hardware A2.
Figure. 5 shows a schematic drawing of the terminal client A1' and the browser C1. The
terminal client A1' comprises a web application server E1 that contains the VPN-URI
processor D2. The VPN-URI processor D2 as well as the browser C1 is connected with an
adapter D1'.
The local web application server E1 decodes the VPN-URI received from the browser C1, and the VPN-URI processor D2 instructs the adapter D1' to establish the corresponding connection. When the connection is established, either the browser C1 can access directly VPN resources by using the adapter, or the web application server is enabled to serve requested VPN resources to the browser (client) C1 via the adapter D1' using the established connection.
The local web application server E1 decodes the VPN-URI received from the browser C1, and the VPN-URI processor D2 instructs the adapter D1' to establish the corresponding connection. When the connection is established, either the browser C1 can access directly VPN resources by using the adapter, or the web application server is enabled to serve requested VPN resources to the browser (client) C1 via the adapter D1' using the established connection.
Following the illustrating use case mentioned in the background part, the shown solutions
solve the stated problem. The mechanism encodes VPN information in uniform resource
locators (uniform resource identifiers) similar to the advertisement click-through mechanism
mentioned above. The technique according to the invention enhances the advertisement
click-trough by enabling a network change and connection establishment.
Using the URI according to the invention, it is possible to extend accordingly markup languages, e.g. Hyper Text Markup Language (HTML), and the respective transfer protocols, e.g. http.
Using the URI according to the invention, it is possible to extend accordingly markup languages, e.g. Hyper Text Markup Language (HTML), and the respective transfer protocols, e.g. http.
Using the extensions would enable a end-user clicking on a VPN information enhanced link,
e.g. a hyper text reference carrying a VPN-URI in a HTML coded portal page, the end-user is
immediately transparently connected to the associated VPN. Such an hyper text reference
might look like
<a href = "http://secret.service/?vpnid=skynet"> Secret Service Network </a>
<a href = "http://secret.service/?vpnid=skynet"> Secret Service Network </a>
To access VPN resources might require an authentication, authorization, and accounting
procedure, e.g. implemented by VPN logon procedure to set-up a new connection, where
after the requested service is provided in that VPN. In case where the end-user is already
connected to the associated VPN the service/resource is provided immediately by that VPN.
A (software) component will process the VPN information included in the link. This
component will interact with the VPN network access server to reach to the corresponding
VPN. When the connection to VPN is established the actual resource request could be
retrieved. This software component can be deployed on a client terminal itself or a server,
e.g. DSL modem.
In a client centric solution the client terminal processes URI encoded VPN accesses the
click-through application, e.g. by running an application web server locally that is able to
encode the VPN information and to establish a connection. Then the uniform resource
identifier might look like
http://localhost/clickthrough ? vpnid=skynet ?"url=http://advertisment.com/clickthrouah?url=h ttp://product.com/article/?id=1234".
Where "vpnid=skynet" a name value pair to specify a particular VPN to be accessed, and the advertisement click-through:
http://advertisment.com/clickthrough?url=http://product.com/article/?id=1234 is proceed as described in the Background part.
http://localhost/clickthrough ? vpnid=skynet ?"url=http://advertisment.com/clickthrouah?url=h ttp://product.com/article/?id=1234".
Where "vpnid=skynet" a name value pair to specify a particular VPN to be accessed, and the advertisement click-through:
http://advertisment.com/clickthrough?url=http://product.com/article/?id=1234 is proceed as described in the Background part.
In this example, the browser will first access the localhost, where localhost is an identifier for
the local running web server. The localhost will trigger the click-through software component.
This component will process the VPN information included in the URI, e.g. vpnid=skynet, and
will interact with a VPN network access server to connect to the corresponding VPN. When
the connection to VPN has been established, the actual resource request can be executed.
Hence, in the example, a user will access the advertisement web site, for marketing and
statistical purposes, that will transparently forward her to the product web-site, showing the
product information of article id=1234, although the site is located in the skynet VPN.
Figure. 6 shows a schematic drawing of a terminal client A1" comprising the browser C1,
and it shows network access equipment, e.g. a personalizes service selector A5 or a
broadband network access server A4, in general a network access server (NAS) comprising
a VPN-URI processor D2.
From a standardization and a technical point of view it is advantageous to extend the hyper
text transfer protocol and the uniform resource identifier enabling the handling of arbitrary
VPN topologies. Currently an IP address is decoded from a URI. This invention extends this
concept of identifying a location in a IP network by identifying virtual private networks.
When the current URI syntax and semantic is extended in this way unifying the access to
VPNs, the VPN-URI processing might be implemented as a network access server
functionality.
Currently a uniform resource identifier (URI) is defined as a string of characters for identifying
an abstract or physical resource within a network. URI are characterized by the following
definitions:
Uniformity: it allows different types of resource identifiers to be used in the same context,
even when the mechanisms used to access those resources may differ; it allows uniform
semantic interpretation of common syntactic conventions across different types of resource
identifiers; it allows introduction of new types of resource identifiers without interfering with
the way that existing identifiers are used; and, it allows the identifiers to be reused in many
different contexts, thus permitting new applications or protocols to leverage a pre-existing,
large, and widely-used set of resource identifiers. The resource is the conceptual mapping to
an entity or set of entities, not necessarily the entity which corresponds to that mapping at
any particular instance in time.
Identifier: is an object that can act as a reference to something that has identity. In the case
of URI, the object is a sequence of characters with a restricted syntax. Having identified a
resource, a system may perform a variety of operations on the resource, as might be
characterized by such words as 'access', 'update', 'replace', or 'find attributes'.
The syntax notation and common element use two conventions to describe and define the
syntax of URIs. The first, called the layout form, is a general description of the order of
components and component separators, as in
<first>/<second>;<third>?<fourth>
<first>/<second>;<third>?<fourth>
The second convention is a BNF-like grammar is used to define the formal URI syntax, see
http://www. ietf.org/rfc/rfc822.txt
(Backus-Naur notation (more commonly known as BNF or Backus-Naur Form) is a formal mathematical way to describe a language, which was developed by John Backus (and possibly Peter Naur as well) to describe the syntax of the Algol 60 programming language. A formal definition could be found in any introductory book about formal languages or compilers.)
http://www. ietf.org/rfc/rfc822.txt
(Backus-Naur notation (more commonly known as BNF or Backus-Naur Form) is a formal mathematical way to describe a language, which was developed by John Backus (and possibly Peter Naur as well) to describe the syntax of the Algol 60 programming language. A formal definition could be found in any introductory book about formal languages or compilers.)
The URI syntax is dependent upon the scheme. In general, absolute URI are written as
follows:
<scheme>:<scheme-specific-part>
<scheme>:<scheme-specific-part>
This generic URI syntax consists of a sequence of four main components:
<scheme>://<authority><path>?<query>
<scheme>://<authority><path>?<query>
URI that are hierarchical in nature use the slash "/" character for separating hierarchical
components.
The authority component is typically defined by an Internet-based server or a scheme-specific
registry of naming authorities.
authority = server | reg_name
authority = server | reg_name
The authority component is preceded by a double slash "//" and is terminated by the next
slash "/", question-mark "?", or by the end of the URI. Within the authority component, the
characters ";", ":", "@", "?", and "/" are reserved.
URI schemes that involve the direct use of an IP-based protocol to a specified server on the
Internet use a common syntax for the server component of the URI's scheme-specific data:
<userinfo>@<host>:<port>
where <userinfo> may consist of a user name and, optionally, scheme-specific information about how to gain authorization to access the server. The parts "<userinfo>@" and ":<port>" may be omitted.
server = [ [ userinfo "@" ] hostport ]
<userinfo>@<host>:<port>
where <userinfo> may consist of a user name and, optionally, scheme-specific information about how to gain authorization to access the server. The parts "<userinfo>@" and ":<port>" may be omitted.
server = [ [ userinfo "@" ] hostport ]
Further details can be found in e.g. http:llwww.ietf.org/rfc/rfc2396.txt
As illustrated in the example above one might embed the VPN part into the query part.
Claims (20)
- A Method for accessing a virtual private network (VPN) resource characterized in using a uniform resource identifier (URI) having VPN information comprising the steps ofextracting said VPN information out of the URI (C3)establishing access to a VPN (A8) corresponding to said VPN information, if not already established, andrequesting the resource identified by the URI (C3).
- A Uniform Resource Identifier comprising a part for identifying a virtual private network where a resource is located, a part for identifying the access to said virtual private network, and a part for identifying said resource.
- The Uniform Resource Identifier according to Claim 2 where the part for identifying a virtual private network syntactically is an authority access path.
- The Uniform Resource Identifier according to Claim 2 where the part for identifying a virtual private network syntactically is an query part.
- A Client Terminal (A1, A1', A1") for accessing network resources characterized in that said client terminal comprisingan interpreter (D2) for extracting a VPN information out of a URI (C3)a connector (D2) for establishing access to a VPN (AS) corresponding to said VPN information, anda requestor (C1, D2) for requesting the resource identified by the URI (C3)
- An Adapter (D1) for establishing network connections characterized in that said adapter comprisinga decoder (D2) for extracting a VPN information out of a URI (C3)a connector (D2) for establishing access to a VPN (A8) corresponding to said VPN information, anda requestor (C1, D2) for requesting the resource identified by the URI (C3)
- An Encoding Application Server (E1) for accessing a VPN resource characterized in that said encoding application server comprisingan interpreter (D2) for extracting a VPN information out of a URI (C3)a connector (D2) for establishing access to a VPN (A8) corresponding to said VPN information, anda requestor (C1, D2) for requesting the resource identified by the URI (C3)
- An Network Access Server (A4, A5) as an access portal for accessing a VPN characterized in that said network access server comprisingan interpreter (D2) for extracting a VPN information out of a URI (C3)a connector (D2) for establishing access to a VPN (A8) corresponding to said VPN information, anda requestor (C1, D2) for requesting the resource identified by the URI (C3)
- A Transfer Protocol for encoding, decoding, transmitting, and receiving data characterized in comprising uniform resource identifiers comprising a part for identifying a virtual private network where a resource is located, a part for identifying the access to said virtual private network, and a part for identifying said resource.
- The Transfer Protocol according to Claim 9 where the transfer protocol is Hyper Text Transfer Protocol (http).
- A Markup Language for structuring a document's character data into logical components that can then be named and referred characterized in that said markup language comprising uniform resource identifiers comprising a part for identifying a virtual private network where a resource is located, a part for identifying the access to said virtual private network, and a part for identifying said resource.
- The Markup Language according to Claim 11 where the markup language is Hyper Text Markup Language (HTML) or Extensible Hyper Text Markup Language (XHTML).
- The Markup Language according to Claim 1 1 where the markup language is Extensible Markup Language Specification (XML).
- A User Interface (C1, C2, C3) for accessing a VPN resource using an URI having VPN information comprising means for specifying said URI (links, text fields, etc.) and means for interactively guiding through a network access procedure (authentication, authorization, and accounting).
- The User Interface (C1, C2, C3) according to Claim 13. comprising depicting means for showing the accessed VPNs with their characteristics (quality of service, cost. etc.).
- The User Interface (C1, C2, C3) according to Claim 13. comprising depicting means for showing the access paths with their characteristics (quality of service, cost. etc.).
- The User Interface (C1, C2, C3) according to Claim 13. comprising depicting means for showing the accessible VPNs with their characteristics (quality of service, cost. etc.).
- The User Interface (C1, C2, C3) according to Claim 13. comprising depicting means for showing the optional access paths for a VPN are shown with their characteristics (quality of service, cost. etc.) .
- A Computer Software Product for accessing a VPN resource using an URI having VPN information according to Claim 5 with components forextracting said VPN information out of the URI, andestablishing access to a VPN corresponding to said VPN information.
- A Computer Software Product for accessing a VPN resource using an URI having VPN information according to Claim 5 comprising components for requesting and/or receiving the by the URI identified resource.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP02360207A EP1381190A1 (en) | 2002-07-12 | 2002-07-12 | Method for accessing a virtual private network resource based on uniform resource identifiers |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP02360207A EP1381190A1 (en) | 2002-07-12 | 2002-07-12 | Method for accessing a virtual private network resource based on uniform resource identifiers |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1381190A1 true EP1381190A1 (en) | 2004-01-14 |
Family
ID=29724584
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP02360207A Withdrawn EP1381190A1 (en) | 2002-07-12 | 2002-07-12 | Method for accessing a virtual private network resource based on uniform resource identifiers |
Country Status (1)
Country | Link |
---|---|
EP (1) | EP1381190A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006058429A1 (en) * | 2004-12-02 | 2006-06-08 | Desktopsites Inc. | System and method for launching a resource in a network |
WO2009118023A1 (en) * | 2008-03-25 | 2009-10-01 | Nokia Siemens Networks Oy | Dynamic discovery of quality of service nodes |
US8732182B2 (en) | 2004-12-02 | 2014-05-20 | Desktopsites Inc. | System and method for launching a resource in a network |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0838930A2 (en) * | 1996-10-25 | 1998-04-29 | Digital Equipment Corporation | Pseudo network adapter for frame capture, encapsulation and encryption |
EP1049036A2 (en) * | 1999-04-29 | 2000-11-02 | Citibank, N.A. | System and method for web trading |
WO2002050695A1 (en) * | 2000-12-20 | 2002-06-27 | Talk2 Technology, Inc. | Spontaneous virtual private network between portable device and enterprise network |
-
2002
- 2002-07-12 EP EP02360207A patent/EP1381190A1/en not_active Withdrawn
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0838930A2 (en) * | 1996-10-25 | 1998-04-29 | Digital Equipment Corporation | Pseudo network adapter for frame capture, encapsulation and encryption |
EP1049036A2 (en) * | 1999-04-29 | 2000-11-02 | Citibank, N.A. | System and method for web trading |
WO2002050695A1 (en) * | 2000-12-20 | 2002-06-27 | Talk2 Technology, Inc. | Spontaneous virtual private network between portable device and enterprise network |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006058429A1 (en) * | 2004-12-02 | 2006-06-08 | Desktopsites Inc. | System and method for launching a resource in a network |
US7912822B2 (en) | 2004-12-02 | 2011-03-22 | Desktopsites Inc. | System and method for launching a resource in a network |
US8306961B2 (en) | 2004-12-02 | 2012-11-06 | desktopsites, Inc. | System and method for launching a resource in a network |
US8732182B2 (en) | 2004-12-02 | 2014-05-20 | Desktopsites Inc. | System and method for launching a resource in a network |
WO2009118023A1 (en) * | 2008-03-25 | 2009-10-01 | Nokia Siemens Networks Oy | Dynamic discovery of quality of service nodes |
US8260889B2 (en) | 2008-03-25 | 2012-09-04 | Nokia Siemens Networks Oy | Dynamic discovery of quality of service nodes |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9860251B2 (en) | Dynamic encryption of a universal resource locator | |
US5964891A (en) | Diagnostic system for a distributed data access networked system | |
EP1706832B1 (en) | Improved user interface | |
US6226677B1 (en) | Controlled communications over a global computer network | |
Gralla | How the Internet works | |
EP1114545B1 (en) | Method and system for injecting external content into computer network interactive sessions | |
US6453335B1 (en) | Providing an internet third party data channel | |
US5884035A (en) | Dynamic distributed group registry apparatus and method for collaboration and selective sharing of information | |
US7188179B1 (en) | System and method for providing service provider choice over a high-speed data connection | |
US20080034420A1 (en) | System and method of portal customization for a virtual private network device | |
US20070180147A1 (en) | System for insertion of advertising content in user-requested internet web pages | |
US20010027474A1 (en) | Method for clientless real time messaging between internet users, receipt of pushed content and transacting of secure e-commerce on the same web page | |
US20030135548A1 (en) | System and method for disseminating knowledge over a global computer network | |
JP2010154569A (en) | System and method for redirecting user attempting accessing network site | |
WO1998043271A1 (en) | Universal domain routing and publication control system | |
Protocol | Internet | |
US20030187976A1 (en) | Tracking users at a web server network | |
EP1381190A1 (en) | Method for accessing a virtual private network resource based on uniform resource identifiers | |
US7840645B1 (en) | Methods and apparatus for providing content over a computer network | |
JP5191076B2 (en) | Information providing apparatus and method | |
Cisco | SESM Features | |
AU2006207853B2 (en) | Systems and methods for redirecting users attempting to access a network site | |
Cisco | Content Request Gateway Software Features | |
Fisher | Spinning the Web: a guide to serving information on the World Wide Web | |
KR100734965B1 (en) | Systems and methods for redirecting users attempting to access a network site |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL LT LV MK RO SI |
|
AKX | Designation fees paid | ||
REG | Reference to a national code |
Ref country code: DE Ref legal event code: 8566 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20040715 |